Re: Total RSA in PGP
This was discussed about a year ago! It is a bad idea to do this for
a couple reasons. First of all, RSA can only encrypt a block of data
the same size as the key. So, for example, if you encrypt a message
to me using my key, it RSA-encrypts in blocks of 709 bits! Second,
there is no cypher-chaining, so the encryption from one block doesn't
affect the encryption of the next. It is possible to do something
like this, but I sure wouldn't want to do it.

As for the time, let's say you have a 10K message (not unreasonable,
although that's a fairly long email message ;-), and you are encrypting
it in a 512-bit key. Well, 512 bits is 64 bytes, so you are
encrypting 10K bytes 64 bytes at a time (or 160 blocks). Each 64-byte
block takes a few seconds, let's just say one second (it's a little
faster on some systems, and a lot slower on others!) This means you
are spending 160 seconds, or almost THREE MINUTES, to encrypt this 10K
file!

Personally, I don't think that the extra security that you may (or may
not: you now have a massive plain-text attack, although I don't know
how you can really use it) get is worth the 2 extra orders of
magnitude of time it takes to encrypt the data!

As for adding this as a feature to PGP. It's *not* going to happen.

-derek
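
The "no chaining" point in the message above, as an added example (not part of the original post and not PGP code): raw RSA applied to each block independently maps equal plaintext blocks to equal ciphertext blocks, and a change in one block touches only that block's ciphertext. The key is a constructed toy modulus built from two Mersenne primes, and all function names and sample data are hypothetical.

```python
import math

# Constructed toy key (assumption): two Mersenne primes, ~234-bit modulus.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
BLOCK = 28                          # bytes per block: 224 bits, below N

def block_count(message_len, block_len):
    """Number of independent RSA operations needed for a message."""
    return math.ceil(message_len / block_len)

def encrypt_blocks(message):
    """Raw RSA on each block on its own: no padding, no chaining."""
    blocks = [message[i:i + BLOCK] for i in range(0, len(message), BLOCK)]
    return [pow(int.from_bytes(b, "big"), E, N) for b in blocks]

def decrypt_blocks(ciphertext, length):
    """Invert encrypt_blocks for a message of the given byte length."""
    out = b""
    for i, c in enumerate(ciphertext):
        size = min(BLOCK, length - i * BLOCK)
        out += pow(c, D, N).to_bytes(size, "big")
    return out

def repeated_positions(ciphertext):
    """Groups of block indices whose ciphertext values are identical."""
    seen = {}
    for i, c in enumerate(ciphertext):
        seen.setdefault(c, []).append(i)
    return [idx for idx in seen.values() if len(idx) > 1]

def changed_blocks(ct_a, ct_b):
    """Indices at which two equal-length ciphertexts differ."""
    return [i for i, (a, b) in enumerate(zip(ct_a, ct_b)) if a != b]

# Constructed sample message: blocks 0 and 2 carry the same plaintext.
A = b"status: ok".ljust(BLOCK)
B = b"amount: 100".ljust(BLOCK)
C = b"end of report".ljust(BLOCK)
SAMPLE = A + B + A + C
EDITED = A + b"amount: 900".ljust(BLOCK) + A + C

if __name__ == "__main__":
    ct = encrypt_blocks(SAMPLE)
    print("10K at 64 bytes per block:", block_count(10 * 1024, 64), "blocks")
    print("identical ciphertext blocks:", repeated_positions(ct))
    print("blocks changed by one edit:", changed_blocks(ct, encrypt_blocks(EDITED)))
```
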